一, 安装
1,yum 安装
1.1, 安装 epel 源
yum -y install python-jinja2 PyYAML python-paramiko python-babel python-crypto
1.2, 安装 ansible
yum install ansible
2, 编译安装
2.1, 安装依赖
yum -y install python-jinja2 PyYAML python-paramiko python-babel python-crypto
2.2, 下载
wget https://codeload.github.com/ansible/ansible/zip/stable-2.5
2.3, 安装
python setup.py build && python setup.py install
mkdir /etc/ansible && cp -r examples/*/etc/ansible
二, 配置 ansible 的可管理主机
1, 配置 ansible 的 hosts 文件, 添加主机组
echo -e "[webserver]\n192.168.12.157\n192.168.12.158">>/etc/ansible/hosts
2, 配置免秘钥登录
- ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.12.157
- ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.12.158
三, 测试执行命令
- [root@linux-test-node1 ~]# ansible webserver -m command -a who
- 192.168.12.157 | SUCCESS | rc=0>>
- root tty1 2018-06-06 09:33
- root pts/0 2018-06-06 09:34 (192.168.12.136)
- root pts/1 2018-06-06 10:19 (192.168.12.156)
- 192.168.12.158 | SUCCESS | rc=0>>
- root tty1 2018-02-27 01:14
- root pts/0 2018-02-27 01:15 (192.168.12.136)
- root pts/1 2018-02-27 01:59 (192.168.12.156)
四, ansible 的常用模块
4.1,command 模块
- [root@linux-test-node1 ~]# ansible webserver -a "echo john@2018 |passwd root"
- 192.168.12.157 | SUCCESS | rc=0>>
- john@2018 |passwd root
- 192.168.12.158 | SUCCESS | rc=0>>
- john@2018 |passwd root
注:-m command 可以省略, command 模块不支持命令管道, 需要使用 shell 模块, 上面的命令并没有更改密码
4.2,shell 模块
- [root@linux-test-node1 ~]# ansible webserver -m shell -a "echo john@2018 |passwd --stdin root"
- 192.168.12.157 | SUCCESS | rc=0>>
Changing password for user root.
passwd: all authentication tokens updated successfully.
192.168.12.158 | SUCCESS | rc=0>>
更改用户 root 的密码 .
passwd: 所有的身份验证令牌已经成功更新.
4.3,copy 模块, 将本地的文件拷贝到目标服务器, grou,owner,mode 根据需要加
- [root@linux-test-node1 ~]# ansible webserver -m copy -a "src=~/ansible_test.file dest=/root/ mode=644 owner=root group=root"
- 192.168.12.158 | SUCCESS => {
- "changed": true,
- "checksum": "172c1d29d7392d0959d56c947052f4fe19095f1a",
- "dest": "/root/ansible_test.file",
- "gid": 0,
- "group": "root",
- "md5sum": "24786862312ecb05a2d09613dff5f1e0",
- "mode": "0644",
- "owner": "root",
- "secontext": "system_u:object_r:admin_home_t:s0",
- "size": 23,
- "src": "/root/.ansible/tmp/ansible-tmp-1510458019.96-84135187555991/source",
- "state": "file",
- "uid": 0
- }
- 192.168.12.157 | SUCCESS => {
- "changed": true,
- "checksum": "172c1d29d7392d0959d56c947052f4fe19095f1a",
- "dest": "/root/ansible_test.file",
- "gid": 0,
- "group": "root",
- "md5sum": "24786862312ecb05a2d09613dff5f1e0",
- "mode": "0644",
- "owner": "root",
- "secontext": "system_u:object_r:admin_home_t:s0",
- "size": 23,
- "src": "/root/.ansible/tmp/ansible-tmp-1510458019.95-16654666556198/source",
- "state": "file",
- "uid": 0
- }
4.4,fetch 模块, 从远程主机拷贝文件到本地
- [root@linux-test-node1 ~]# ansible webserver -m fetch -a "src=/root/remote_test.file dest=/root/ flat=yes"
- 192.168.12.158 | FAILED! => {
- "changed": false,
- "msg": "file not found: /root/remote_test.file"
- }
- 192.168.12.157 | SUCCESS => {
- "changed": true,
- "checksum": "76d7d1e26b7507b6aa5f7add865b7585e6a4435c",
- "dest": "/root/remote_test.file",
- "md5sum": "27c3eb98c1f99ff12a1184af1113481d",
- "remote_checksum": "76d7d1e26b7507b6aa5f7add865b7585e6a4435c",
- "remote_md5sum": null
- }
flat=yes 作用:
当 dest=/root/,abc.txt 会保存在 / root / 目录下
当 dest=/root/file, 会拷贝 abc.txt 文件, 并命名为 file
4.5,cron 模块
1, 新建任务
- [root@linux-test-node1 ~]# ansible webserver -m cron -a "minute=*/10 job='/sbin/ntpdate 10.10.10.10 &> /dev/null'name=Synctime"
- 192.168.12.158 | SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": [
- "Synctime"
- ]
- }
- 192.168.12.157 | SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": [
- "Synctime"
- ]
- }
注: name 是计划任务的注释, minute 是执行时间, job 是完整的任务
2, 删除任务
- [root@linux-test-node1 ~]# ansible webserver -m cron -a "state=absent name=Synctime"
- 192.168.12.158 | SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": []
- }
- 192.168.12.157 | SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": []
- }
4.6,file 模块, 对文件, 文件夹进行删除, 创建, 移动拷贝和创建链接的操作
创建文件
[root@linux-test-node1 ~]# ansible webserver -m file -a "path=/root/test_touch_file state=touch owner=root group=root mode=644"
删除文件
[root@linux-test-node1 ~]# ansible webserver -m file -a "path=/root/test_touch_file state=absent"
创建链接
[root@linux-test-node1 ~]# ansible webserver -m file -a "src=/root/ansible_test.file dest=/home/ansible_test.file state=link"
4.7,yum 模块
安装
[root@linux-test-node1 ~]# ansible webserver -m yum -a "name=httpd"
卸载
[root@linux-test-node1 ~]# ansible webserver -m yum -a "name=httpd state=absent"
4.8,service 模块
启动 httpd 服务
[root@linux-test-node1 ~]# ansible webserver -m service -a "name=httpd state=started"
停止服务
[root@linux-test-node1 ~]# ansible webserver -m yum -a "name=httpd state=stopped"
重启服务
[root@linux-test-node1 ~]# ansible webserver -m yum -a "name=httpd state=restarted"
4.9,user\group 模块, 用来管理用户和组
新建用户
[root@linux-test-node1 ~]# ansible webserver -m user -a "name=john group=root"
删除用户
[root@linux-test-node1 ~]# ansible webserver -m user -a "name=john state=absent remove=yes"
新建组
[root@linux-test-node1 ~]# ansible webserver -m group -a "name=johngrp"
删除组
[root@linux-test-node1 ~]# ansible webserver -m group -a "name=johngrp state=absent"
来源: http://www.bubuko.com/infodetail-2633020.html